package com.boruan.shengtangfeng.admin.jwt;

import java.util.ArrayList;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

import com.boruan.shengtangfeng.core.utils.UserUtil;

/**
 * 自定义身份认证验证组件
 *
 */

@Component
public class UserAuthenticationProvider implements AuthenticationProvider {

	@Autowired
	private UserDetailsServiceImpl userDetailsServiceImpl;

	@Override
	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
		// 获取认证的用户名 & 密码
		String name = authentication.getName();
		String password = authentication.getCredentials().toString();
		// 认证逻辑
		UserSubject userDetails = (UserSubject) userDetailsServiceImpl.loadUserByUsername(name);
		if (null != userDetails) {
			if (UserUtil.match(password, userDetails.getPassword(), userDetails.getSalt())) {
				// 这里设置权限和角色
				ArrayList<GrantedAuthority> authorities = new ArrayList<>();
//                if(StringUtils.equals("admin", userDetails.getUsername())) {
//                	authorities.add(new GrantedAuthorityImpl("ROLEADMIN") );
//                }
//                authorities.add( new GrantedAuthorityImpl("AUTH_WRITE") );
				// 生成令牌 这里令牌里面存入了:name,password,authorities, 当然你也可以放其他内容
				Authentication auth = new UsernamePasswordAuthenticationToken(userDetails, password, authorities);
				return auth;
			} else {
				throw new BadCredentialsException("密码错误");
			}
		} else {
			throw new UsernameNotFoundException("用户不存在");
		}
	}

	/**
	 * 是否可以提供输入类型的认证服务
	 * 
	 * @param authentication
	 * @return
	 */
	@Override
	public boolean supports(Class<?> authentication) {
		return authentication.equals(UsernamePasswordAuthenticationToken.class);
	}

}
